Comment 15 for bug 502987

This bug was fixed in the package pdns-recursor - 3.1.7-1ubuntu0.1

---------------
pdns-recursor (3.1.7-1ubuntu0.1) intrepid-security; urgency=low

  * SECURITY UPDATE: first issue is remotely exploitable, likely
    leads to full compromise; second issue allows an attacker to
    spoof domain data for domain names he does not own (LP: #502987)
    - debian/patches/CVE-2009-4009-4010.dpatch: fixes the two
      problems
    - CVE-2009-4009, CVE-2009-4010
 -- Imre Gergely <email address hidden> Thu, 07 Jan 2010 01:35:01 +0200